It has been reported that almost 16,000 cyber ‘attacks’ were made against Hertfordshire County Council between January and March this year, according to the latest figures. The data is included in a report due to be presented to a meeting of the council’s resources and performance cabinet panel on Wednesday (June 9). It says the exact number of attacks – between January 1 and March 31 this year – was 15,964.
<p>It\’s good for councils to be transparent in the number of cyber attacks they have been facing. Although the 16,000 number probably includes low risk items such as automated scans of the network, which may not be attacks in themselves.</p> <p> </p> <p>What is interesting about the report is that the council states phishing attempts continue to be the highest threat. This is consistent with what is being reported in all verticals across all sizes of organisations. So investing in a robust layered protection against phishing emails should be a priority. This includes technical controls, procedures, and providing the right security awareness and training to staff.</p>
<p>While this sounds like a high number of attacks it is unfortunately the reality faced by many organisations today. Phishing attacks target individual users, therefore a single campaign may result in hundreds or even thousands of individual attacks being directed at an organisation. It only takes one of these attempts to be successful in order for the intended target to become compromised. Email is a common delivery mechanism, but with the growth of remote working, attackers are shifting their tactics towards mobile devices, exploiting SMS, messaging apps and mobile browsers.</p> <p> </p> <p>Users may be lured to disclose credentials or install malware which may lead to further compromise, either of the device itself or cloud services accessible from the device. The current increase in remote working practices makes the security challenge even harder. A higher volume of workers now operate outside of the protection of the corporate security perimeter. </p> <p> </p> <p>A successful phishing attack can compromise both the device and the user’s account. The attacker can then access that organization’s infrastructure with legitimate credentials and move around until they find valuable assets to exfiltrate. Since attackers use legitimate credentials, they can access most any cloud-based resource including Software-as-a-Service (SaaS) platforms like Google Workspace, Microsoft Office 365, or Workday as well as infrastructure platforms like AWS. To stay resilient, organisations need to focus on continuous monitoring for attacks, placing security at the new perimeter of remote devices and cloud repositories, and training their users in phishing awareness.</p>